CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2006-4679 +Info 2006-09-11 2018-10-17
5.0
None Remote Low Not required Partial None None
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug".
102 CVE-2006-4676 +Info 2006-09-11 2017-10-19
1.2
None Local High Not required Partial None None
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.
103 CVE-2006-4642 +Info 2006-09-08 2018-10-17
1.7
None Local Low ??? Partial None None
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.
104 CVE-2006-4615 +Info 2006-09-07 2018-10-17
4.9
None Local Low Not required Complete None None
Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in plaintext in %PROGRAMFILES%\IMPlus\implus.cfg, which allows local users to obtain sensitive information by reading the file.
105 CVE-2006-4614 +Info 2006-09-07 2018-10-17
4.9
None Local Low Not required Complete None None
PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat.
106 CVE-2006-4595 200 +Info 2006-09-07 2020-02-10
5.0
None Remote Low Not required Partial None None
muforum (Āµforum) 0.4c stores membres/members.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes.
107 CVE-2006-4578 +Info 2006-12-31 2017-07-20
7.5
None Remote Low Not required Partial Partial Partial
export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
108 CVE-2006-4547 Sql +Info 2006-09-06 2018-10-17
6.5
None Remote Low ??? Partial Partial Partial
Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection.
109 CVE-2006-4539 Bypass +Info 2006-09-05 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
110 CVE-2006-4537 200 +Info 2006-09-05 2017-07-20
2.1
None Local Low Not required Partial None None
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.
111 CVE-2006-4493 +Info 2006-08-31 2017-07-20
2.1
None Local Low Not required Partial None None
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
112 CVE-2006-4492 +Info 2006-08-31 2008-11-11
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obtain sensitive information, including users and groups, via unspecified vectors.
113 CVE-2006-4487 +Info 2006-08-31 2018-10-17
5.0
None Remote Low Not required Partial None None
DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.
114 CVE-2006-4352 +Info 2006-08-25 2008-09-05
5.0
None Remote Low Not required Partial None None
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
115 CVE-2006-4304 DoS Exec Code Overflow +Info 2006-08-24 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
116 CVE-2006-4233 +Info 2006-08-18 2017-07-20
3.6
None Local Low Not required Partial Partial None
Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config.
117 CVE-2006-4223 200 +Info 2006-08-18 2011-03-07
5.0
None Remote Low Not required Partial None None
IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137.
118 CVE-2006-4184 Bypass +Info 2006-08-17 2018-10-17
4.9
None Local Low Not required Complete None None
SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information.
119 CVE-2006-4137 +Info 2006-08-14 2011-03-08
5.0
None Remote Low Not required Partial None None
IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces.
120 CVE-2006-4043 +Info 2006-08-09 2018-10-17
5.0
None Remote Low Not required Partial None None
index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies the viewdate mode, which reveals the table prefix in a SQL error message.
121 CVE-2006-4030 +Info 2006-08-16 2011-03-08
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
122 CVE-2006-4023 Overflow Sql +Info 2006-08-09 2018-10-17
5.0
None Remote Low Not required Partial None None
The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner.
123 CVE-2006-4006 200 +Info 2006-08-07 2017-07-20
5.0
None Remote Low Not required Partial None None
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
124 CVE-2006-4003 +Info 2006-08-07 2018-10-17
5.0
None Remote Low Not required Partial None None
The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended configuration directory, which allows remote attackers to obtain sensitive information via requests to the hobbitd daemon on port 1984/tcp.
125 CVE-2006-3965 +Info 2006-08-01 2016-10-18
5.0
None Remote Low Not required Partial None None
Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
126 CVE-2006-3938 +Info 2006-07-31 2018-10-17
5.0
None Remote Low Not required Partial None None
DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_cat.php, (2) index.php, (3) edit_link.php in ecrire/tools/blogroll/; (4) syslog/index.php, (5) thememng/index.php, (6) toolsmng/index.php, (7) utf8convert/index.php in /ecrire/tools/; (8) /ecrire/inc/connexion.php and (9) /inc/session.php; (10) class.blog.php, (11) class.blogcomment.php, (12) and class.blogpost.php in /inc/classes/; (13) append.php, (14) class.xblog.php, (15) class.xblogcomment.php, and (16) class.xblogpost.php in /layout/; (17) form.php, (18) list.php, (19) post.php, or (20) template.php in /themes/default/, which reveal the installation path in error messages.
127 CVE-2006-3937 +Info 2006-07-31 2018-10-17
5.0
None Remote Low Not required Partial None None
post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain sensitive information via a request without the (1) user, (2) mail, (3) p, or (4) url parameter, which reveals the installation path in an error message.
128 CVE-2006-3882 +Info 2006-07-27 2018-10-17
5.0
None Remote Low Not required Partial None None
Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
129 CVE-2006-3831 +Info 2006-07-25 2018-10-17
5.0
None Remote Low Not required Partial None None
The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file.
130 CVE-2006-3757 +Info 2006-07-21 2018-10-17
5.0
None Remote Low Not required Partial None None
index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability.
131 CVE-2006-3732 +Info 2006-07-21 2017-07-20
5.0
None Remote Low Not required Partial None None
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle database that contains several default accounts and passwords, which allows attackers to obtain sensitive information.
132 CVE-2006-3640 +Info 2006-08-09 2021-07-23
5.0
None Remote Low Not required Partial None None
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
133 CVE-2006-3625 +Info 2006-07-18 2018-10-18
5.0
None Remote Low Not required Partial None None
FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to paginate.php or (2) an invalid p parameter to player.php, which reveal the path in an error message.
134 CVE-2006-3622 Sql +Info 2006-07-18 2018-10-18
5.0
None Remote Low Not required Partial None None
The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information via a ' (single quote) in the p parameter, which displays the path in an error message. NOTE: it is not clear whether this is SQL injection or a forced SQL error.
135 CVE-2006-3610 +Info 2006-07-18 2018-10-18
5.0
None Remote Low Not required Partial None None
index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this issue is not an exposure.
136 CVE-2006-3557 +Info 2006-07-13 2018-10-18
5.0
None Remote Low Not required Partial None None
MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
137 CVE-2006-3499 +Info 2006-08-03 2017-07-20
2.1
None Local Low Not required Partial None None
The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications.
138 CVE-2006-3487 +Info 2006-07-10 2008-09-05
5.0
None Remote Low Not required Partial None None
VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb.
139 CVE-2006-3483 +Info 2006-07-10 2008-09-05
5.0
None Remote Low Not required Partial None None
PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat.
140 CVE-2006-3413 +Info 2006-07-07 2008-09-05
5.0
None Remote Low Not required Partial None None
The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.
141 CVE-2006-3398 +Info 2006-07-06 2011-03-08
5.0
None Remote Low Not required Partial None None
The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2) User Information editor.
142 CVE-2006-3389 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.
143 CVE-2006-3386 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values.
144 CVE-2006-3371 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
Eupla Foros 1.0 stores the inc/config.inc file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
145 CVE-2006-3370 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
146 CVE-2006-3369 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
147 CVE-2006-3368 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
Efone 20000723 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.
148 CVE-2006-3367 +Info 2006-07-06 2018-10-18
5.0
None Remote Low Not required Partial None None
Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
149 CVE-2006-3365 200 +Info 2006-07-06 2018-10-18
2.6
None Remote High Not required Partial None None
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.
150 CVE-2006-3339 +Info 2006-07-03 2017-07-20
5.0
None Remote Low Not required Partial None None
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.
Total number of vulnerabilities : 272   Page : 1 2 3 (This Page)4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.